Install the SPIDER® Root Certificate
SPIDER® is deployed on private infrastructure and uses an internal Certificate Authority. Install this root certificate once on your device so your browser and apps trust spiderc2.com and all its subdomains.
Download Root CertificateWhy is this needed?
SPIDER® runs on a self-hosted, air-gapped deployment. Public certificate authorities (Let's Encrypt, DigiCert, etc.) cannot issue certificates for an internal-only domain, so we operate our own internal CA — the SPIDER Platform Root CA.
Once you install this root certificate, your device will trust every server certificate
signed by the CA, including app.spiderc2.com, tasl.spiderc2.com,
frigate.spiderc2.com, and all 30+ other subdomains. You only need to do this once per device.
Choose your platform
Install on Windows (PC)
- Click the Download Root Certificate button at the top of this page. The file
spider-root-ca.crtwill save to your Downloads folder. - Open File Explorer, navigate to
Downloads, and double-clickspider-root-ca.crt. - Click Install Certificate…
- Choose Local Machine (recommended, requires Administrator) or Current User → Next
- Select Place all certificates in the following store → Browse…
- Pick Trusted Root Certification Authorities → OK → Next → Finish
- Confirm the security warning ("Yes, install this self-signed root").
- Close all browser windows and reopen, then visit https://spiderc2.com — you'll see the green padlock.
Import-Certificate -FilePath "$HOME\Downloads\spider-root-ca.crt" -CertStoreLocation Cert:\LocalMachine\Root
Install on iPhone / iPad (iOS)
- On your iPhone, open this page in Safari and tap Download Root Certificate.
- Tap Allow when iOS asks to download a configuration profile.
- Open Settings → you'll see Profile Downloaded at the top — tap it.
If you don't see it, go to Settings → General → VPN & Device Management → tap the SPIDER profile. - Tap Install in the top-right, enter your passcode, and confirm Install again.
- This last step is critical on iOS: go to Settings → General → About → Certificate Trust Settings.
- Under Enable Full Trust for Root Certificates, toggle SPIDER Platform Root CA to ON.
- Open Safari and visit https://spiderc2.com — the padlock will appear.
Install on Android
- Tap Download Root Certificate above. The file saves to your Downloads folder.
- Open Settings → Security (or Security & privacy on newer Android).
- Tap Encryption & credentials → Install a certificate → CA certificate.
- Confirm the warning about installing a CA, then browse to Downloads and select
spider-root-ca.crt. - Open Chrome and visit https://spiderc2.com — padlock will be green.
Install on macOS
- Click Download Root Certificate above.
- Open Keychain Access (Spotlight:
Cmd-Space, type "Keychain"). - In the sidebar, click System → drag
spider-root-ca.crtfrom Downloads into the System keychain. Enter your admin password. - Find SPIDER Platform Root CA in the list, double-click it.
- Expand Trust, change When using this certificate to Always Trust, close the window, enter your admin password again to save.
- Open Safari/Chrome/Firefox and visit https://spiderc2.com.
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Downloads/spider-root-ca.crt
Install on Linux
- Download the certificate.
- For Debian / Ubuntu:
sudo cp ~/Downloads/spider-root-ca.crt /usr/local/share/ca-certificates/ sudo update-ca-certificates
- For Red Hat / Fedora / CentOS:
sudo cp ~/Downloads/spider-root-ca.crt /etc/pki/ca-trust/source/anchors/ sudo update-ca-trust extract
- For Firefox (uses its own trust store): Preferences → Privacy & Security → Certificates → View Certificates → Import → pick the file → check "Trust this CA to identify websites".
Need help? Email spider@tataadvancedsystems.com.